package com.demo;

import com.demo.bean.Company;
import com.thoughtworks.xstream.security.AnyTypePermission;
import com.thoughtworks.xstream.security.WildcardTypePermission;
import org.springframework.beans.factory.annotation.Configurable;
import org.springframework.context.annotation.Bean;
import org.springframework.oxm.xstream.XStreamMarshaller;

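// NOTE(review): @Configurable is Spring's marker for AspectJ-woven domain objects; @Configuration
// is probably what was intended for a class that declares @Bean methods. Confirm how this class
// is registered with the application context before changing it.
/**
 * Declares the XStream-based XML marshaller used to (un)marshal {@link Company} documents.
 */
@Configurable
public class AppConfig {

    /**
     * Type patterns that XStream may instantiate while unmarshalling. Limited to the
     * application's own bean package; extend this list deliberately when a new payload type is
     * introduced instead of widening it to every class.
     */
    private static final String[] ALLOWED_TYPE_PATTERNS = {"com.demo.bean.**"};

    /**
     * Builds the marshaller bean. The bean name stays {@code XStreamMarshaller} because Spring
     * derives it from the method name.
     *
     * @return a marshaller that supports {@link Company} and only permits types matching
     *     {@link #ALLOWED_TYPE_PATTERNS} during unmarshalling
     */
    @Bean
    public XStreamMarshaller XStreamMarshaller() {
        XStreamMarshaller xStreamMarshaller = new XStreamMarshaller();
        xStreamMarshaller.setSupportedClasses(Company.class);

        // XStream rejects types outside its permissions with
        // com.thoughtworks.xstream.security.ForbiddenClassException. The previous fix for that
        // exception was AnyTypePermission, which switches the type check off entirely, so any
        // class on the classpath named in incoming XML would be instantiated. Permit only the
        // application's bean package so untrusted XML cannot select arbitrary types.
        xStreamMarshaller.setTypePermissions(new WildcardTypePermission(ALLOWED_TYPE_PATTERNS));
        return xStreamMarshaller;
    }
}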
